Hackers use PHP exploit to backdoor Windows systems with new malware

August 20, 2024 at 01:56PM Attackers deployed a new backdoor, Msupedge, on a Taiwan university’s Windows systems, possibly through a recently patched PHP vulnerability (CVE-2024-4577). Based on the meeting notes, it appears that unknown attackers have deployed a newly discovered backdoor called Msupedge on a university’s Windows systems in Taiwan, likely by exploiting a recently … Read more

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

July 11, 2024 at 01:54AM Multiple threat actors are exploiting a recently disclosed security flaw in PHP (CVE-2024-4577) to deliver remote access trojans, cryptocurrency miners, and DDoS botnets. Users are advised to update their PHP installations. Additionally, DDoS attacks increased 20% year-over-year, with China being the most targeted country. Follow for more exclusive content. Based … Read more

TellYouthePass Ransomware Group Exploits Critical PHP Flaw

June 12, 2024 at 11:50AM TellYouThePass, a ransomware group, is targeting businesses and individuals using open source Web development languages, exploiting a critical PHP vulnerability (CVE-2024-4577) for remote code execution. This allows them to execute arbitrary code on vulnerable servers, posing significant risks. They also use various attack techniques and exploit known vulnerabilities such as … Read more

TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers

June 11, 2024 at 10:28AM TellYouThePass ransomware gang has swiftly exploited the critical CVE-2024-4577 vulnerability in PHP, despite a recent patch. Using publicly available exploit code, they deploy webshells and execute an encryptor payload. By injecting a ransomware variant into memory, they demand 0.1 BTC for decryption. Over 450,000 exposed PHP servers could be vulnerable. … Read more

PHP fixes critical RCE flaw impacting all versions for Windows

June 7, 2024 at 10:39AM A new PHP RCE vulnerability, CVE-2024-4577, impacts Windows PHP versions since 5.x. With a patch released, updating large-scale deployments poses challenges, leaving systems vulnerable. Exploiting ‘Best-Fit’ encoding on Windows, it bypasses prior protections. Mitigations include upgrading to patched versions, applying mod_rewrite rules, or migrating from CGI to FastCGI, PHP-FPM, or … Read more